6 ECTS course in the Computer Science degree programs, designed to provide a comprehensive and hands‑on introduction to the fundamental concepts, technologies, and tools used to build modern, scalable, and secure web applications.
The course starts from the foundations of the Web as a distributed system and progressively guides students through the complete development stack, from client‑side interfaces to server‑side logic, APIs, security, and testing. Particular attention is given to current industry practices and modern development workflows.
Course topics
Students will gain a solid understanding of how the Web works under the hood, beginning with the HTTP protocol and the architecture of web‑based distributed systems. From there, the course explores the three core web technologies that form the backbone of every web application:
- HTML (Living Standard), with a focus on semantics and accessibility
- CSS, including selectors, the cascade and inheritance model, modern layout techniques (Flexbox and Grid), media queries, and the foundations of responsive design
- JavaScript (ES6+), both as a programming language and as the glue of the browser environment, covering DOM manipulation, Web Storage APIs, asynchronous programming, promises, and network communication via the Fetch API
Building on the client side, the course introduces the distinction between static and dynamic web applications, followed by server‑side programming concepts, session tracking, and state management.
Students then learn how to use JavaScript beyond the browser through Node.js, enabling them to write backend logic in the same language used on the frontend. This naturally leads to the introduction of web frameworks, focusing on general architectural principles and practical development with Express for building web applications and RESTful APIs.
Modern web development stack
The course covers Content Management Systems (CMSs), with an emphasis on headless CMS architectures and modern approaches to content delivery, along with an introduction to GraphQL.
To support scalable and maintainable codebases, students are introduced to TypeScript, learning how static typing improves reliability and developer productivity in large JavaScript applications.
On the tooling side, the course presents modern frontend development workflows, including:
- CSS preprocessing with Sass
- Code bundling and minification
- Practical examples using Vite as a modern build tool
The course also covers Single‑Page Applications (SPAs) and the principles behind modern frontend architectures, followed by hands‑on development using the Angular framework.
Security and quality
Security is a core component of the course. Students learn about common web security vulnerabilities and how to mitigate them in practice, including:
- Cross‑Site Scripting (XSS)
- Cross‑Site Request Forgery (CSRF)
- SQL Injection
- Session poisoning, hijacking, and fixation
Finally, the course integrates software engineering practices for web development, emphasizing code quality, maintainability, and reliability. The curriculum concludes with end‑to‑end testing, using Playwright to ensure correct behavior across the entire application stack.